{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-53820", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-08T23:58:35.278Z", "datePublished": "2025-12-09T01:24:29.417Z", "dateUpdated": "2025-12-09T01:24:29.417Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-09T01:24:29.417Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nloop: loop_set_status_from_info() check before assignment\n\nIn loop_set_status_from_info(), lo->lo_offset and lo->lo_sizelimit should\nbe checked before reassignment, because if an overflow error occurs, the\noriginal correct value will be changed to the wrong value, and it will not\nbe changed back.\n\nMore, the original patch did not solve the problem, the value was set and\nioctl returned an error, but the subsequent io used the value in the loop\ndriver, which still caused an alarm:\n\nloop_handle_cmd\n do_req_filebacked\n loff_t pos = ((loff_t) blk_rq_pos(rq) << 9) + lo->lo_offset;\n lo_rw_aio\n cmd->iocb.ki_pos = pos"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/block/loop.c"], "versions": [{"version": "a217715338fd48f72114725aa7a40e484a781ca7", "lessThan": "832580af82ace363205039a8e7c4ef04552ccc1a", "status": "affected", "versionType": "git"}, {"version": "b40877b8562c5720d0a7fce20729f56b75a3dede", "lessThan": "861021710bba9dfa0749a3c209a6c1773208b1f1", "status": "affected", "versionType": "git"}, {"version": "6858933131d0dadac071c4d33335a9ea4b8e76cf", "lessThan": "c79a924ed6afac1708dfd370ba66bcf6a852ced6", "status": "affected", "versionType": "git"}, {"version": "0455bef69028c65065f16bb04635591b2374249b", "lessThan": "3e7d0968203d668af6036b9f9199c7b62c8a3581", "status": "affected", "versionType": "git"}, {"version": "c490a0b5a4f36da3918181a8acdc6991d967c5f3", "lessThan": "4be26d553a3f1d4f54f25353d1496c562002126d", "status": "affected", "versionType": "git"}, {"version": "c490a0b5a4f36da3918181a8acdc6991d967c5f3", "lessThan": "258809bf22bf71d53247856f374f2b1d055f2fd4", "status": "affected", "versionType": "git"}, {"version": "c490a0b5a4f36da3918181a8acdc6991d967c5f3", "lessThan": "9f6ad5d533d1c71e51bdd06a5712c4fbc8768dfa", "status": "affected", "versionType": "git"}, {"version": "18e28817cb516b39de6281f6db9b0618b2cc7b42", "status": "affected", "versionType": "git"}, {"version": "adf0112d9b8acb03485624220b4934f69bf13369", "status": "affected", "versionType": "git"}, {"version": "9be7fa7ead18a48940df7b59d993bbc8b9055c15", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/block/loop.c"], "versions": [{"version": "6.0", "status": "affected"}, {"version": "0", "lessThan": "6.0", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.173", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.100", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.18", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2.5", "lessThanOrEqual": "6.2.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.140", "versionEndExcluding": "5.10.173"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15.64", "versionEndExcluding": "5.15.100"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.1.18"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.2.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9.327"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.14.292"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.19.6"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/832580af82ace363205039a8e7c4ef04552ccc1a"}, {"url": "https://git.kernel.org/stable/c/861021710bba9dfa0749a3c209a6c1773208b1f1"}, {"url": "https://git.kernel.org/stable/c/c79a924ed6afac1708dfd370ba66bcf6a852ced6"}, {"url": "https://git.kernel.org/stable/c/3e7d0968203d668af6036b9f9199c7b62c8a3581"}, {"url": "https://git.kernel.org/stable/c/4be26d553a3f1d4f54f25353d1496c562002126d"}, {"url": "https://git.kernel.org/stable/c/258809bf22bf71d53247856f374f2b1d055f2fd4"}, {"url": "https://git.kernel.org/stable/c/9f6ad5d533d1c71e51bdd06a5712c4fbc8768dfa"}], "title": "loop: loop_set_status_from_info() check before assignment", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nloop: loop_set_status_from_info() check before assignment\n\nIn loop_set_status_from_info(), lo->lo_offset and lo->lo_sizelimit should\nbe checked before reassignment, because if an overflow error occurs, the\noriginal correct value will be changed to the wrong value, and it will not\nbe changed back.\n\nMore, the original patch did not solve the problem, the value was set and\nioctl returned an error, but the subsequent io used the value in the loop\ndriver, which still caused an alarm:\n\nloop_handle_cmd\n do_req_filebacked\n loff_t pos = ((loff_t) blk_rq_pos(rq) << 9) + lo->lo_offset;\n lo_rw_aio\n cmd->iocb.ki_pos = pos"}], "id": "CVE-2023-53820", "lastModified": "2025-12-09T18:37:13.640", "metrics": {}, "published": "2025-12-09T16:17:20.760", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/258809bf22bf71d53247856f374f2b1d055f2fd4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3e7d0968203d668af6036b9f9199c7b62c8a3581"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/4be26d553a3f1d4f54f25353d1496c562002126d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/832580af82ace363205039a8e7c4ef04552ccc1a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/861021710bba9dfa0749a3c209a6c1773208b1f1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9f6ad5d533d1c71e51bdd06a5712c4fbc8768dfa"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c79a924ed6afac1708dfd370ba66bcf6a852ced6"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: loop: loop_set_status_from_info() check before assignment", "id": "2420371", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420371"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2023-53820", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Under investigation", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-53820\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53820\nhttps://lore.kernel.org/linux-cve-announce/2025120933-CVE-2023-53820-fb6c@gregkh/T"], "threat_severity": "Important"}